The Apex Legends Hack.

- Destroyer2009 claiming responsibility for the incident
- Not sharing further details on "how" until everything is patched
- Claimed they did it just for the lolz, but has nothing to do with the server and did not go outside the Apex process
- Didn't do vulnerability disclosure process because there is no bug bounty/vulnerability disclosure program 🤪

_JohnHammond

Damn you know it’s real when John Hammond gets involved in this

.-zd

I agree with John H. opinion and Thor's. I can't wait to see the security report for this incident.

AllanCoronado-jt

Something similar happened in Battlefield and Call of Duty (when it wasn't owned by Blizzard). Hackers were messing with OFFICIAL servers where players were joining from legal client. They could do literally everything for example "turn off gravity in entire lobby", "level up all players and weapons to max level", "unlock literally everything possible in the game for everyone in the lobby", "make ammo unlimited" etc and everyone who even accidently joined this lobby (you can't pick lobby yourself in CoD, game do it for you) was getting banned at later time (I was one of them, I still have VAC ban on steam because of this).

NetworkEscape

Really enjoy these kind of videos where gaming and cybersecurity collide. Would love to see more of these videos breaking down things like game hacks 🔥

Shaun_Jonesss

Nice video but I'm a little bit confused; you mention this could be directX hooking/hijacking and then say that's not code execution? To me, the fact that you're creating your own directX object from within the game process means you're running your own code. There's nothing preventing you from popping calc.exe instead of an in game window at this point. Am I missing something?

warsang

Well, Source based games that Respawn have developed in the past haven't been really well known for their security in the back end. Like it drove a few players to develop their own fully disconnected from Respawn multiplayer instance for Titanfall 2, where each induvidual could host their own servers because there was supposedly some vulnerability in the back end that dealt with the hosting of official servers.

Sure they came along and fixed it but that took them over a year and probably the help of some graduate that asked to do it as a passion project on the side of other work. Hopefully the issue is discovered and the information can be dispersed out into the wider gaming community in the coming days or weeks.

ThistleBlue

Seeing you and Thor aka Pirate Software talk about this as an apex fan that was watching this tournament live is great to see

omgmacy

Pirate Software actually went through some steps in a live stream yesterday showing exactly what you're taking about here, Mr. Hammond.

Rogueferula

I'll be damned, nice collab with Pirate Software IMMEDIATELY after this upload! 😂

Voodoo__

A while back Secret Club claimed that one of their members discovered an RCE affecting ALL Source Engine games triggered by invites which they disclosed to Valve a few years back, but have been prevented from releasing a write-up on it as it is still yet to be patched. There also exists a video demo of the exploit in action, but no detailed information besides.

pbjandahighfive

btw, Thor figured out that the IP is just from a scanner, but he is a bit concerned that it could actually reach their computer, since it shouldn't be able to do that by default, so maybe some messed up port forwarding, or maybe some remnants the hacker didn't clean up.

mrt_

I think it just came out last night that Thor found a rented server that was connected to ImperialHals PC. The thread begins to unravel.

CARTUNE.

Primeagen + Thor + John i sense a great crossover incoming

mr.togrul--

Something to note, the cheat gui looking like it’s part of the game actually makes it more likely there either an rce or someone put a backdoor on their system, often for internal cheats (cheats that involve force loading a DLL into the process which either contains the cheat code or communicates with a corresponding driver to run the cheats) often will use whatever drawing apis are already used by the target, making it very common for the gui to be ingrained in the game (and makes it easier for the gui to have similar visuals to the game)

Eap

Thank you for all your insigbt into the field. Yourr professional experience and field impressions are always greatly appreciated, Sir. I clicked immediately! Great and much needed to know info! I like the format and pacing 👍🏽 keep fighting the good fight

BlackBrt

"in this industry there are no experts, just specialists"

Max-klil

I think its more simpler to believe these competitors had cheating software on their systems and this software gives the creators of these tools access to their game/their software.

SarahLiane

Looks like I've been living under a rock

ldandco

As someone who has been in IT and gaming for a lot of years i wont out of hand dismiss the possibility of an RCE, some of the anti cheat software that comes with these games hooks into the system deep enough to be a real concern.. but that said there are only a few big ones out there, and a 0-day RCE in one big enough to be used in a large game like apex would be worth a metric sh*t tonne. to burn it on trolling some streamer on a game even if it was at the professional level, i cant see that happening.

The supporting redistributable that was mentioned by your co-worker is also part of a massive number of games, so i would consider that being the 0-day or attack vector unlikely for the same reasons as above.

The streamers themselves being infected with a RAT is far more likely, when you take into account that a lot of the more modern RAT's are capable of silently installing and running anything you want, my money would be on this vector not anything to do with the game, it's engine, supporting redistributables or anti-cheat

Trmrz